karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré (JIRA) <j...@apache.org>
Subject [jira] [Updated] (KARAF-2755) Encrypt password mechanism pollutes the group
Date Tue, 08 Apr 2014 15:32:14 GMT

     [ https://issues.apache.org/jira/browse/KARAF-2755?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jean-Baptiste Onofré updated KARAF-2755:
----------------------------------------

    Fix Version/s:     (was: 3.0.1)
                   3.0.2
                   4.0.0

> Encrypt password mechanism pollutes the group
> ---------------------------------------------
>
>                 Key: KARAF-2755
>                 URL: https://issues.apache.org/jira/browse/KARAF-2755
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-security
>            Reporter: Jean-Baptiste Onofré
>            Assignee: Jean-Baptiste Onofré
>             Fix For: 2.4.0, 4.0.0, 3.0.2
>
>
> By enabling the encryption (in etc/org.apache.karaf.jaas.cfg), Karaf ignores if we talk
about users or groups, and so encrypts the groups, resulting to something like this in etc/users.properties:
> {code}
> karaf = {CRYPT}e7ebf747769e8522b52d1bf47f718788{CRYPT},_g_:admingroup
> _g_\:admingroup = {CRYPT}db0f6f37ebeb6ea09489124345af2a45{CRYPT},admin,manager,viewer
> {code}
> The encryption service should check if the considered line is an user or a group, and
just crypts the user passwords.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message